Career Center

In order to search for jobs specifically for CAIA Charterholders or those pursuing the CAIA Charter please enter “CAIA” in the search panel. This will enable you to search for CAIA specific roles globally.
Head, Risk Governance - Third Party Security Risk
Standard Chartered Bank
SAVE savedJobs
SAVE savedJobs

Head, Risk Governance - Third Party Security Risk

Standard Chartered Bank

Gmail Email Print
Application
The application opened in a new tab.
By using this feature you agree to our Terms and Conditions and Privacy Policy.
Details
Posted:
February 23, 2021
Location:
Singapore, Singapore
Salary:
Open
Type:
Full Time
Make an impact every day with Trust, Data and Resilience (TDR)
Our TDR team sits within the Group Operations function and is responsible for mission-critical areas including cyber, information, data, privacy and resilience. These are challenges that impact our clients globally. Our TDR team develops the platforms, drives the processes and builds partnerships to benefit millions of people every day. They thrive in providing solutions to complex issues, devote time and energy to designing new and innovative solutions, and all in an environment that demands being risk-aware, not risk-averse. TDR chooses progress over perfection and aims to always participate with a constructive purpose. The team makes an impact wherever they are based, be it in our offices around the world, our Global Business Solution centres in China, India, Malaysia and Poland, or even from our home.

Now you have an opportunity to make a meaningful impact with a diverse and passionate team of creators, innovators and achievers. With us, you'll learn, be inspired, and make an impact every day. The success of our work hinges on how we use the unique diversity of our people to realise the effects we seek to achieve: Always on. Always safe. Always Simple.

The Role Responsibilities
The Group Chief Information Security Officer (CISO) organisation is instrumental in protecting and ensuring the resilience of Standard Chartered Bank's data and IT systems by managing information and cyber security (ICS) risk across the enterprise. As a critical function reporting into the Group Chief Operating Officer (COO), the Office of the CISO serves as the first line of defence for assuring ICS controls are implemented effectively and in accordance with the ICS Risk Framework and for instilling a culture of cyber security within the Bank.

The Office of the CISO is central to ensuring the Bank's ability to meet its ICS commitments to internal and external stakeholders, including regulators, as well as maintaining an acceptable ICS risk profile that is regularly reported to the Board.

The Global Head of TPSR leads the third-party security risk assessment program within the Bank. The program plays a central role across the Bank in managing vendor risk by implementing a standardized data risk security assessment to third parties.

Significant transformation is underway within the Third Party Security Risk function to rapidly improve the Group's Cyber, Data, Privacy and Automation control environment, along with digitization and innovation, and to collaborate with different areas of the bank that are responsible for vendor management to build integration of third party data security risk into the wider bank vendor management process.

To support the TPSR transformation agenda in growing trust with clients and regulators, a Head of Risk Governance role has been created in Singapore to develop and implement best practice risk management processes, governance, and planning across Third Party Security Risk.

The successful candidate will have a solid understanding of information security, third party risk management and supply chain management. In addition, the successful candidate will work closely with the Global Head of ICS Governance, and Risk to ensure policies and procedures related to TPSR meet internal and regulatory policy requirements. As a representative of the "first line of defence" the position supports the appropriate design, implementation, and/or execution of the TPSR framework

Risk Management
  • Continuously improve the operational efficiency and effectiveness of risk & control management and oversight processes.
  • Develop and maintain enterprise governance frameworks, standards and practices relating to risk governance and effectively implement them.
  • Design and maintain internal processes that allow Global Head TPSR to dynamically monitor risk, controls and their effectiveness.
  • Responsible for the preparation of risk related papers suitable for timely deliver at GNFRC, MT or other senior forums
  • Instrumental in the planning, preparation and tracking of any TPSR related Risk Acceptance papers
  • Oversee all TPSR controls and corresponding CSTs, KCIs and KRIs on a periodic basis.
  • Act quickly and decisively when any risk and / or control weaknesses becomes apparent and ensure they are addressed within an appropriate timeframe and escalated through the relevant committees.
  • Ensure that all documented Risks have ownership, agreement of facts, actions assigned and are managed to timely completion.
  • Drive the internal risk management planning agenda and delivery.
  • Develop and maintain a conduct risk management plan, supporting the identification and management of all TPSR conduct risks.
  • Responsible for COO TDR related TPSR Risk Assessment forum materials and deliverables.
  • Responsible for preparing all Group ICS Risk Oversight forum materials
  • Prepare risk management related procedures as required
  • Work with other risk & control teams to drive efficiency, effectiveness and reduce duplication.
  • Work closely with supply chain and vendor management functions within the bank (Global Sourcing, Legal, Compliance, Business Contract Managers, etc.) on third party security risk related risk initiatives
Governance
  • Establish strong ties into the relevant business lines governance, risk and control committees to ensure adequate monitoring, tracking and governance of the TPSR function.
  • Development, implementation and maintenance of a management information, analysis and reporting framework that supports and informs timely and effective decision making at all levels.
  • Tracking and reporting of risk acceptances and their outputs to ensure oversight and escalation mechanisms are in place.
  • Provide timely and accurate reporting to appropriate committees.
  • Setup and run a TPSR management team Risk Forum to ensure all risk activities are managed for quality and timely completion and to ensure that domain owner, process owners and risk owners are fully informed of activities in their space.
  • Represent Risk Management on corporate or enterprise-wide projects or policy initiatives impacting or governing risk governance and control
Strategy
  • Work closely with the Global Head, Third Party Security Risk to delivery key strategic initiatives. This could be either by direct involvement / delivery of initiatives or supporting the team with specific assignments.
Business
  • Provide robust challenge and escalation to senior management and all relevant business/function/region stakeholders to ensure activities achieve risk reduction.
Processes
  • Drive consistent methodology, tools, processes & standardised templates for Third Party Security Risk as part of their Conduct, Risk & Control agenda.
  • Maintain and update documentation on risk and control processes.
  • Perform coordination for Regulatory Requests for Information across Third Party Security Risk engaging with multiple-parties.
  • Perform administrative activities to support risk and control processes put in place.
  • Regularly share lessons learnt and best practice in a timely manner across a wide-ranging stakeholder group within businesses/functions.
People and Talent
  • Provide proactive self-orienting and self-motivating leadership, and work with limited direction.
  • Provide strong leadership, management and coaching over colleague(s).
  • Lead through example and build the appropriate culture and values. Set appropriate tone and expectations, and work in collaboration with risk and control partners.
Regulatory & Business Conduct
  • Display exemplary conduct and live by the Group's Values and Code of Conduct.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
  • Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
Key Stakeholders
  • Global Head, Third Party Security Risk
  • Global Head of Control, Trust, Data & Automation
  • Head of Operations, Data Management & Privacy
  • Global Head, Resilience
  • Accountable Executive, ICS TRP
  • Global Head of Operations, ICS
  • Global Head of Operations, Lean Digital, Data Analytics & Automation
  • Global Head, Cyber Security Services
  • Global Head, Training & Awareness
Our Ideal Candidate
  • Advanced knowledge and experience in compliance, risk and governance roles
  • Bachelor / Honours Degree (Information Technology, Computer Science or Cyber Security) Preferred (but not essential).
  • Defining methodology, tools, processes and standardised templates for Risk & Control Management and oversight
  • Strong background in implementing and assessing both business & technology risks and controls
  • Excellent organisation skills with the ability to manage multiple deadlines and effectively prioritise
  • Analytical and independent thinker with strong written and verbal communication skills
  • Experience of delivering transformation / project initiatives
  • Resourceful and creative in presenting information
To view information on our benefits including our flexible working please visit our career pages . We welcome conversations on flexible working.

About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.

To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.

We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.

Internal Number: 10363089
More Jobs from This Employer
More Jobs Like This
Assistant VP, Credit Policy Analyst, Credit Policy & Portfolio Management, Group Credit   Singapore, Singapore
United Overseas Bank Today
Asset Management - Institutional Oversight - Analyst - London   London, United Kingdom
Goldman Sachs Today
Cloud Architect   Singapore, Singapore
Capgemini Yesterday
BACK TO TOP
CAIA Career Center is Just One of the Benefits.
Discover what else CAIA has to offer!
Networking
Certifications
Training
The job you are trying to reach from was originally posted at CAIA Career Center.
Help is on the way!
We're sorry you are having trouble applying for this job.

Please try loading this job using the following link before submitting your help request:
Powered By Naylor Association Solutions